Should Service Providers offering Managed Firewalls include UTM capability as default?

The Dog and Partridge in Marchington, Staffordshire, was recently voted one of the top 200 pubs in the country. But this wasn’t the reason why it made the newspaper front pages last month: instead it found itself on the end of a hack attack by religious extremists, with its website no longer extolling the virtues of real ale and good food but making certain less appetising proclamations instead.

The immediate reaction was, of course, why attack an innocuous little pub in a rural English village? But that’s just it, why not? In this much changed digital world, where terrorism, criminal activity and espionage have overtaken the ‘hack for kicks’ element to create a sinister and pervasive new security threat, you can be an indiscriminate target. People don’t care who you are, they just want to find out if you are vulnerable and if they can exploit that weakness for their own nefarious ends. Yes, there will be those organisations who are specifically targeted, often through very sophisticated and complex attacks, because of the high value of the data they hold or the sensitive nature of what they do. But just as often it will be because the baddies have found a weakness they can exploit – and they will, regardless of who or what you are.

Think about your house for a minute. Thirty years ago, the sum total of domestic security was shutting the door behind you. Now, it’s a panoply of door locks, deadbolts, window locks, alarms and gates. That uprated protection can save you from being an indiscriminate target, the victim of an opportunistic crime. And yes, it can also help if you’re targeted, although as with corporate network security, you have to offset your protection measures against the determination and cleverness of the criminal.

Either way, the threat landscape has altered inexorably and organsiations need to be more aware of the options available to them to counter the heightened risk. Specifically, I’m wondering if the time has come when that vital line of defence for our customers and those of service providers like us, the managed firewall, should now be offered with UTM by default? UTM, Unified Threat Management, essentially offers in one premium appliance the holy trinity of security tools - anti-virus, content filtering and intrusion detection. While still significantly more cost-effective when offered as a single managed item than if a company purchased all the components individually, it does represent a premium on the basic firewall. But perhaps today’s gold standard in protection needs to be tomorrow’s everyday standard? I sense that corporate security is a price very well worth paying.